Journalists, lawyers, and human-rights activists in the Middle Eastern nation of Jordan face increased surveillance from the controversial Pegasus spyware app, with nearly three dozen civilians targeted over the past four years.
According to an analysis published by digital rights group Access Now, in total 16 journalists and media staff, eight human-rights lawyers, and 11 other members of human-rights groups and non-governmental organizations were targeted by state-sponsored attackers using the Pegasus rootkit and surveillance tool, the investigation found.
While the investigation started in 2021, the actual attacks started in 2019, with 30 victims discovered by Access Now and Citizen Lab, part of the Munk School of Global Affairs and Public Policy at the University of Toronto, while another five victims were uncovered by Human Rights Watch, Amnesty International, and the Organized Crime and Corruption Reporting Project.
Spyware Used to Intimidate & Dissuade Using surveillance tools to wiretap and track the activities of journalists and lawyers undermines free society, warned Access Now.
The surveillance revelations come as Jordan's government is cracking down on cybercrime, amending its statutes with a new law in 2023 that, critics say, is overly vague and ripe for abuse.
The law garnered criticism from the United Nations' Office of the High Commissioner for Human Rights and non-governmental organizations in the region.
The individuals are the latest to be targeted by governments with the NSO Group's surveillance software.
In September, for example, Pegasus spyware was detected on the phone of an exiled Russian journalist, apparently installed with a zero-click exploit.
In December 2022, a group of nearly two dozen journalists in El Salvador sued the NSO Group for its part in surveillance of the reporters.
Governments are using the software to target critics and activists without due process, says Ilia Kolochenko, founder of ImmuniWeb, a penetration testing service provider.
Pegasus Pushes into More Markets In 2016, Citizen Lab and mobile security firm Lookout released an analysis of the Pegasus spyware, which targeted iOS devices.
A year later, Lookout teamed with Google to release an analysis of the Android version.
Israel-based NSO Group has continued to find ways to install its surveillance software on targeted individuals' devices - sometimes requiring social engineering and other times with no activity by the users.
In the latest case, both types of attacks took place, according to Access Now.
In January 2022, Access Now and Front Line Defenders first discovered Pegasus being used to hack Jordanian citizens, and by April 2022, the groups had detected at least five lawyers and journalists.
The NSO Group did not confirm nor deny Access Now's findings.
Policy Needed, But Technology Can Help The NSO Group spokesperson points to its 2023 Transparency and Responsibility Report to highlight its criteria in allowing sales of software to the governments of specific nations.
For the most part, better policy is needed to rein in the use of spyware and exploits against individual users.
The targeting of journalists, lawyers, and activists for exercising free speech shows that additional protections need to be put in place, says ImmuniWeb's Kolochenko.
While the NSO Group has found ways - and bought exploits on secondary markets - to get around smartphone and computer defenses, keeping devices up-to-date and remaining vigilant of links and attachments can make the devices much harder to compromise, he says.
This Cyber News was published on www.darkreading.com. Publication date: Mon, 05 Feb 2024 19:25:24 +0000